package com.cloudeasy.core.authorize;

import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.stereotype.Component;

/**
 * 基本授权配置提供者
 * 所有请求都会进行校验，因此要在最后执行
 */
@Component
@Order(Integer.MAX_VALUE)
public class BaseAuthorizeConfigProvier implements AuthorizeConfigProvider {
    /**
     * 调用{@link org.springframework.security.access.PermissionEvaluator}的实例对象securityPermissionEvaluator
     * 执行判断逻辑
     *
     * @param config {@link ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry}配置对象
     */
    @Override
    public void config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) {
        config.anyRequest().access("@securityPermissionEvaluator.hasPermission(authentication,request,null)");
    }
}
